search

argoproj / argo-cd

Declarative Continuous Deployment for Kubernetes
https://argo-cd.readthedocs.io
Apache License 2.0
17.89k stars 5.46k forks source link

helm2 binary is used when the helm version specified is 'v3' in the application manifest yaml #4879

Open catsgotmytongue opened 3 years ago

catsgotmytongue commented 3 years ago

If you are trying to resolve an environment-specific issue or have a one-off question about the edge case that does not require a feature then please consider asking a question in argocd slack channel.

Checklist:

Describe the bug

in a applications.argoproj.io yaml file like 

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: cis-secrets-store-provider
  namespace: argocd
spec:
  project: infrastructure
  source:
    repoURL: 'https://raw.githubusercontent.com/Azure/secrets-store-csi-driver-provider-azure/master/charts'
    targetRevision: 0.0.13
    chart: csi-secrets-store-provider-azure
    helm:
      version: v3
  destination:
    namespace: azure-keyvault-provider
    server: 'https://kubernetes.default.svc'
  syncPolicy:
    automated:
      prune: true
      selfHeal: true
    syncOptions:
      - CreateNamespace=true

When using a chart where the Chart.yaml apiVersion value is set to v1, like the secrets-store-csi-driver-provider-azure chart

the spec.source.helm.version value seems to be ignored or blank and argocd uses the chart's Chart.yaml file for its version instead of my explicit override. I also attempted to set the version for helm in the manifest in Argo's web UI and it refused to save with that version set.

The chart used says it requires helm 3 but their Chart.yaml says the apiVersion is 'v1' and I believe it should be 'v2' (helm 3).

To Reproduce the repository specified above exhibits this issue.

Add an argo application using the above specified helm chart and explicitly configure the spec.source.helm.version to be 'v3'

When the app syncs it will attempt to use the helm2 binary when it runs the template command on the chart. It then fails because it tries to use a helm 3 value in helm 2 and results in an error that in my specific chart says:

rpc error: code = Unknown desc = helm2 template . --name cis-secrets-store-provider --namespace azure-keyvault-provider --kube-version 1.19 --set foo=bar --api-versions v1 --api-versions apiregistration.k8s.io/v1 --api-versions apiregistration.k8s.io/v1beta1 --api-versions extensions/v1beta1 --api-versions apps/v1 --api-versions events.k8s.io/v1 --api-versions events.k8s.io/v1beta1 --api-versions authentication.k8s.io/v1 --api-versions authentication.k8s.io/v1beta1 --api-versions authorization.k8s.io/v1 --api-versions authorization.k8s.io/v1beta1 --api-versions autoscaling/v1 --api-versions autoscaling/v2beta1 --api-versions autoscaling/v2beta2 --api-versions batch/v1 --api-versions batch/v1beta1 --api-versions certificates.k8s.io/v1 --api-versions certificates.k8s.io/v1beta1 --api-versions networking.k8s.io/v1 --api-versions networking.k8s.io/v1beta1 --api-versions policy/v1beta1 --api-versions rbac.authorization.k8s.io/v1 --api-versions rbac.authorization.k8s.io/v1beta1 --api-versions storage.k8s.io/v1 --api-versions storage.k8s.io/v1beta1 --api-versions admissionregistration.k8s.io/v1 --api-versions admissionregistration.k8s.io/v1beta1 --api-versions apiextensions.k8s.io/v1 --api-versions apiextensions.k8s.io/v1beta1 --api-versions scheduling.k8s.io/v1 --api-versions scheduling.k8s.io/v1beta1 --api-versions coordination.k8s.io/v1 --api-versions coordination.k8s.io/v1beta1 --api-versions node.k8s.io/v1beta1 --api-versions discovery.k8s.io/v1beta1 --api-versions acme.cert-manager.io/v1 --api-versions acme.cert-manager.io/v1beta1 --api-versions acme.cert-manager.io/v1alpha3 --api-versions acme.cert-manager.io/v1alpha2 --api-versions cert-manager.io/v1 --api-versions cert-manager.io/v1beta1 --api-versions cert-manager.io/v1alpha3 --api-versions cert-manager.io/v1alpha2 --api-versions argoproj.io/v1alpha1 failed exit status 1: Error: render error in "csi-secrets-store-provider-azure/charts/secrets-store-csi-driver/templates/csidriver.yaml": template: csi-secrets-store-provider-azure/charts/secrets-store-csi-driver/templates/csidriver.yaml:8:45: executing "csi-secrets-store-provider-azure/charts/secrets-store-csi-driver/templates/csidriver.yaml" at <.Capabilities.KubeVersion.Version>: can't evaluate field Version in type *version.Info

In the meantime I am working around this problem by using my own chart with the apiVersion set to 'v2' in the Chart.yaml files.

Expected behavior

I expect that when I set the version for helm to v3 in the application manifest yaml that it will use that version to determine the helm binary to use instead of the chart's version.

Screenshots The error I see in the web UI that shows why the app is not syncing correctly: image

Version

argocd: v1.7.8+ef5010c.dirty
  BuildDate: 2020-11-05T18:44:18Z
  GitCommit: ef5010c3a0b5e027fd642732d03c5b0391b1e574
  GitTreeState: dirty
  GoVersion: go1.15.3
  Compiler: gc
  Platform: linux/amd64
argocd-server: v1.7.9+f6dc8c3
  BuildDate: 2020-11-17T23:19:51Z
  GitCommit: f6dc8c389a00d08254f66af78d0cae1fdecf7484
  GitTreeState: clean
  GoVersion: go1.14.12
  Compiler: gc
  Platform: linux/amd64
  Ksonnet Version: v0.13.1
  Kustomize Version: {Version:kustomize/v3.6.1 GitCommit:c97fa946d576eb6ed559f17f2ac43b3b5a8d5dbd BuildDate:2020-05-27T20:47:35Z GoOs:linux GoArch:amd64}
  Helm Version: version.BuildInfo{Version:"v3.2.0", GitCommit:"e11b7ce3b12db2941e90399e874513fbd24bcb71", GitTreeState:"clean", GoVersion:"go1.13.10"}
  Kubectl Version: v1.17.8
jessesuen commented 3 years ago 
    helm:
      version: v3

That feature is coming in Argo CD v1.8.

As a workaround, we auto-detect helm v3 if it has the new required fields in Chart.yaml

apiVersion: The chart API version (required)
version: A SemVer 2 version (required)

If it has these, we will invoke helm3

catsgotmytongue commented 3 years ago

well I don't see anything that documents that it wasn't available in my version of argocd.

I'm not following what you mean here but the yaml for the Chart I was trying to use is:

apiVersion: v1
appVersion: 0.0.10
description: A Helm chart to install the Secrets Store CSI Driver and the Azure Keyvault
  Provider inside a Kubernetes cluster.
home: https://github.com/Azure/secrets-store-csi-driver-provider-azure
kubeVersion: '>=1.16.0-0'
maintainers:
- email: anish.ramasekar@gmail.com
  name: Anish Ramasekar
name: csi-secrets-store-provider-azure
sources:
- https://github.com/Azure/secrets-store-csi-driver-provider-azure
version: 0.0.14

I was merely trying to use a 3rd party chart that says helm 3 as a requirement and then all their Chart.yaml files specified apiVersion v1.

Making my own chart based on theirs with apiVersion set to v2 in the Chart.yaml files is what I am currently using as a work around.

what do you mean by "version: A SemVer 2 version (required)" ? to me this was using the wrong binary. I now know that the helm.version value is not available in my version of argo as per your comment.

However, the referenced chart is a 3rd party project's chart by microsoft.

I was thinking they should update their charts since they still specify v1 when they say on their documentation that they require helm 3.

what do you suggest ?